General Cybersecurity Conference

March 26 – 27, 2018| Dubai, United Arab Emirates

Cybersecurity Conference Description

In May 2017, WannaCry affected organizations across the globe, including numerous hospitals. It led to work shut down at hospitals across the United Kingdom and affected hospitals in Canada and United States. According to a report by an investment banking advisory firm Alpen Capital, the GCC healthcare market is projected to grow at a CGR compound annual growth rate (CAGR) of 12.1% per annum from an estimated $40.3 billion in 2015 to $71.3 billion in 2020. With this growth comes the risk of cyber-attacks which can vary from financial fraud, medical insurance fraud, attacks on computer-controlled medical devices to patient information.

MENA Cyber Health Summit, scheduled to take place on 26 & 27 March 2018 in Dubai, United Arab Emirates, aims to create a platform for all stakeholders to discuss and help healthcare organizations develop a real-time response and recovery, to cyber threats.

The medical field has undergone massive digitization in recent years with the emergence of interconnected medical devices and the broader exchange of health care information. In less than a decade, nearly all hospitals and physician offices have adopted electronic health record (EHR) systems.[i] But the adoption and investment related to cybersecurity has been slow. According to the Health Care Industry Cybersecurity Task Force, “a majority of the health care sector made financial investments in cybersecurity only in the last five years.”[ii] This expansion of digitizing critical information without an investment in cybersecurity has, in large part, led to the current environment where health care providers are easy targets for attackers. In a 2017 report, the American Medical Association found that 8 out of 10 physicians had experienced a cyberattack in practice.[iii]

In fact, 2017 introduced some of the largest and most widespread cybersecurity attacks in recent memory. The health care industry was shown to be particularly vulnerable to these threats. In 2018, health care providers should be on the watch for the following threats and should take efforts to protect against them.

Ransomware will Continue to Plague Providers
Ransomware is malware that exploits vulnerabilities in a system to encrypt or remove access from the information contained on the system. The infected system displays a message informing users that their data will not be released unless they pay the demanded ransom. Industries where access to information is critical to providing services—such as health care–are particularly targeted by such attacks.

Health care providers will remember 2017 as the year of large ransomware attacks, starting with the WannaCry ransomware attack, which spread to over 150 countries and infected more than 400,000 machines in just two days.[iv] The United Kingdom’s National Health Service was hit hardest by this attack, causing it to cancel nearly 7,000 appointments – including operations – as a direct result of the attack.[v] Hospitals here in the U.S. were also affected by this attack, including medical devices such as Bayer’s MedRad device that assists in MRI scans.[vi] WannaCry was followed by another global ransomware attack in June 2017 known as NotPetya. Several hospital systems and other health care entities were impacted by this attack, including Merck, one the U.S.’s largest pharmaceutical manufacturers.[vii] Health care providers can expect to see more of the same in 2018, as neither their vulnerabilities nor their mitigation efforts have drastically changed.

Targeting of Connected Medical Devices
The potential vulnerabilities in medical devices have long been on the radar. Successful hacks dating back to 2011 have affected a variety of medical devices, ranging from insulin pumps to pacemakers.[viii] Medical devices connected to a broader computer network have been used as easy access points for attackers to gain unauthorized entry to the network. In 2013, the Department for Homeland Security (DHS) issued a warning that 300 medical devices tested for cybersecurity vulnerabilities all failed to meet minimum standards.[ix] This warning spurred the Food and Drug Administration (FDA) to issue recalls due to cybersecurity vulnerabilities and, in 2016, to issue cybersecurity guidance for medical devices.[x] This year, Congress took notice, and the Medical Device Cybersecurity Act of 2017 was introduced.[xi] Although the bill failed to pass, by all indications regulatory and legislative actions seeking to address this concern will continue in 2018.

In the meantime, medical devices remain extremely vulnerable. Unlike other devices that receive multiple and frequently automatic updates that may protect against certain security holes, medical device manufacturers remain slow to update their products, and the process for implementing updates may be less user friendly. Further, the fact that hospitals and similar health care entities “typically have 300-400% more medical equipment than IT devices”[xii] provides more possible targets for hackers seeking access to a provider’s networks.

Falsification of Electronic Medical Records
As an increasing number of providers deploy certain protections (backups, frequent updates, etc.) against ransomware and refuse to pay the demanded ransoms, cybercriminals undoubtedly will turn to other methods that could increase the potential harm to providers and lead to higher ransom payments. One change we may see in 2018 is the possibility that hackers, instead of making data within a medical record unavailable or encrypted, will simply change the stored data so that it is inaccurate.[xiii] If providers have no way of knowing what information in the medical record is accurate, substantial liability may arise from issuing a contraindicated prescription, amputating the incorrect leg, or being falsely alerted that a patient has flatlined. The possibility that these attacks could even more directly threaten life or safety of patients presents an opportunity for attackers to exploit and profit from ransom demands at a greater degree.

These three potential areas of cybersecurity concern, along with many others (such as mobile device and vendor security), will continue to trouble providers in 2018. As we head into the new year, health care entities should take steps to protect their information systems, the medical information they create, and the patients they serve.

AS THE PERSONAL details of half of all Americans are stolen, Ronan Murphy asks how prepared is Ireland to face the €1.6 trillion cyber-threat? The breach at US credit reporting company Equifax is one of the biggest to date. Sometime in late July, cyber criminals infiltrated their supposedly secure system to steal…

It’s frightening to consider that the new generation of combat might extend to the very hospital beds of our wounded veterans. But no less than that is at risk when we talk about security of health IT systems. Because of development and acquisition cycles, a medical device is already three…

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ A new Canadian pilot program designed to promote mental health skills in youth significantly lessened cases of depression, anxiety, and suicidal thoughts. University of Alberta researchers led the EMPATHY program in …

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Source: National Cyber Security – Produced By Gregory Evans A congressionally mandated healthcare industry task force has published the findings of its investigation into the state of health information systems security, …

Trios Health has terminated an employee after finding out they accessed multiple patient records without permission. So far, an internal investigation shows electronic health records of about 600 patients have been accessed by that employee. This took place between October 2013 and March of this year. Elizabeth Rice, the director…

The Department of Veterans Affairs is warning military veterans about a phone scam targeting people who call the Veterans Choice Program hotline. The correct number for the program is (866) 606-8198. But if someone makes the simple mistake of dialing 1-800, the scammers go to work. A misleading recording tells the caller they are eligible for a retail rebate of …

Health information is now one of the most sought-after online records pursued in cyber attacks and that’s one of the reasons behind a partnership to create the Center for Cybersecurity & Data Intelligence at the University of Dayton.
Premier Health,